FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

gd -- integer overflow

Affected packages
gd < 2.0.29,1
1.*,2 < gd < 2.*,2
ja-gd < 2.0.29,1
1.*,2 < ja-gd < 2.*,2
uk-gd < 2.0.29,1
1.*,2 < uk-gd < 2.*,2

Details

VuXML ID 62239968-2f2a-11d9-a9e7-0001020eed82
Discovery 2004-10-26
Entry 2004-11-05

infamous41md reports about the GD Graphics Library:

There is an integer overflow when allocating memory in the routine that handles loading PNG image files. This later leads to heap data structures being overwritten. If an attacker tricked a user into loading a malicious PNG image, they could leverage this into executing arbitrary code in the context of the user opening image.

References

Bugtraq ID 11523
CVE Name CVE-2004-0990
Message 20041025204303.4341d907.infamous41md@hotpop.com
URL http://www.boutell.com/gd/manual2.0.29.html#whatsnew2.0.29